Introduced in: 30 Sep 2005 by Fredrik Thulin <ft@it.su.se>
Authors: Fredrik Thulin (ft@it.su.se).
decode_ssl_rdnseq/1 | Turn a rdnSequence into a list of {Key, Value} where Key is either the oid (integer() or tuple()) or, if ssl_pkix_oid could turn it into an atom, then an atom (like countryName). |
get_ssl_peer_info/4 | Try to get the SSL peer certificate using a socket. |
is_acceptable_ssl_socket/5 | Check if a socket is 'acceptable'. |
decode_ssl_rdnseq(Other::RdnSequence) -> {ok, Tuples} | {error, Reason}
Turn a rdnSequence into a list of {Key, Value} where Key is either the oid (integer() or tuple()) or, if ssl_pkix_oid could turn it into an atom, then an atom (like countryName).
get_ssl_peer_info(Socket, Proto, IP, Port) -> {ok, Subject, AltNames} | {error, Reason}
Try to get the SSL peer certificate using a socket. If that fails, we check if it was a client that connected to us and if clients are required to present a certificate. Returns either {ok, Subject}, or true/false saying if the socket should be considered valid or not.
is_acceptable_ssl_socket(Socket, Dir, Proto, Remote, Names) -> true | false
Check if a socket is 'acceptable'. For SSL, this means verify that the subjectAltName/CN is included in Names.
Generated by EDoc, Oct 17 2007, 16:48:21.